Cryptanalysis of an Authentication Key Exchange Protocol

Abstract

Abstract: An authenticated multiple-key agreement protocol uses a digital signature to sign the Diffie-Hellmanpublic keys which can generate multiple session key in a single round of message exchange and achieve mutualauthentication. Recently, Hwang et al . proposed an authentication key exchange protocol which takes lesscomputation time than Harn and Lin’s protocol. However, this study, shows that Hwang et al .’s protocol sivulnerable to forgery attacks. An attacker can fool one communication part into believing the forged short-termpublic keys and share session keys with him. Key words: Authentication, cryptanalysis, key agreement, multiple-key INTRODUCTION In 1998, based on the MQV protocol, Harn and LinIn 1976, the key agreement protocol was introduced without using one-way functions. Summarily, Harn andby Diffie and Hellman [1]. The two parties were able o Lin’st protocol contain the authentication for the establish a secret session key over an insecure channel, Diffie-Hellman protocol. The two communication entitiessuch that the confidential information was transmitted can establish multiple session keys in one round f osecurely. However, the Diffie and Hellman protocol could interaction and use simple key computations.not provide authentication of the two parties. In other Unfortunately, Yen and Joye pointed out that Harnwords, the two parties could not authenticate each other. and Lin’s protocol had a security flaw; it suffered fromTo solve this problem, there are two ways to integrate forgery attacks. If a valid short-term public key pair s iauthentication into a key agreement protocol. One given, an attacker can forge a new short-term public keyapproach uses a pre-shared password